Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/xeXhaLY6l-sDyr_XtgHstCh7_jM.roa
File: xeXhaLY6l-sDyr_XtgHstCh7_jM.roa (raw, json)
Hash identifier: QOpQOKl5U1P+gdHmRkPjE5FFdf0JsHQwj3mu0Gz4HH4=
Subject key identifier: C5:E5:E1:68:B6:3A:97:EB:03:CA:BF:D7:B6:01:EC:B4:28:7B:FE:33
Certificate issuer: /CN=47cf2714f29db80352e9f309ea2e8c528c946bd9
Certificate serial: 018CC64B45EDED8902A0426FF670E1B667CA
Authority key identifier: 47:CF:27:14:F2:9D:B8:03:52:E9:F3:09:EA:2E:8C:52:8C:94:6B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R88nFPKduANS6fMJ6i6MUoyUa9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/xeXhaLY6l-sDyr_XtgHstCh7_jM.roa
Signing time: Mon 01 Jan 2024 18:31:11 +0000
ROA not before: Mon 01 Jan 2024 18:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204861
IP address blocks: 194.169.190.0/24 maxlen: 24
194.169.193.0/24 maxlen: 24
194.169.196.0/24 maxlen: 24
194.169.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/R88nFPKduANS6fMJ6i6MUoyUa9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/R88nFPKduANS6fMJ6i6MUoyUa9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/R88nFPKduANS6fMJ6i6MUoyUa9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:45:ed:ed:89:02:a0:42:6f:f6:70:e1:b6:67:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47cf2714f29db80352e9f309ea2e8c528c946bd9
Validity
Not Before: Jan 1 18:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5e5e168b63a97eb03cabfd7b601ecb4287bfe33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e0:4d:e7:d0:e0:dc:31:68:5e:e2:30:e8:8b:
18:4f:bd:06:c1:26:7d:74:69:55:db:e5:5f:ec:99:
a8:59:aa:c4:d1:36:48:65:31:dc:c6:4d:16:22:c0:
b0:9d:eb:17:a9:9a:25:9f:50:bb:fc:34:a7:12:62:
c2:fe:9b:4e:a6:1b:35:c4:84:20:69:f4:01:d0:b4:
cb:eb:16:e4:e8:45:54:f7:77:a3:a8:cb:b4:b5:95:
71:30:72:a2:e3:c3:9a:22:27:7d:84:a1:2b:8b:99:
75:79:c5:6d:2c:bc:e3:d4:77:bb:30:ae:08:7f:1c:
fd:29:a3:fe:b9:1e:ee:1a:97:72:69:ce:41:33:0f:
1a:c7:4a:ed:64:06:c4:e8:fe:40:20:6b:bd:e7:12:
7f:31:13:16:61:35:5e:3c:82:3f:00:38:ab:2c:f6:
ba:6b:bc:5a:e9:55:bc:2e:8f:cc:e3:7e:20:1d:84:
8d:dd:88:62:95:e0:5b:e2:ae:de:ca:94:3a:d4:80:
1c:c5:70:09:23:49:e6:5e:7e:2f:bb:78:56:0c:8f:
59:16:1f:ab:03:46:87:a1:3a:f4:9c:93:c8:b5:52:
85:46:e1:8f:35:f5:51:ac:8b:a9:3f:b6:24:f4:d9:
91:d0:1b:ae:99:e0:dd:09:42:b3:57:f9:f0:d0:cb:
56:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E5:E1:68:B6:3A:97:EB:03:CA:BF:D7:B6:01:EC:B4:28:7B:FE:33
X509v3 Authority Key Identifier:
keyid:47:CF:27:14:F2:9D:B8:03:52:E9:F3:09:EA:2E:8C:52:8C:94:6B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R88nFPKduANS6fMJ6i6MUoyUa9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/xeXhaLY6l-sDyr_XtgHstCh7_jM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/R88nFPKduANS6fMJ6i6MUoyUa9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.190.0/24
194.169.193.0/24
194.169.196.0/24
194.169.213.0/24
Signature Algorithm: sha256WithRSAEncryption
26:81:81:e0:2a:10:53:a4:25:88:3d:57:9b:ee:37:47:14:7b:
a0:60:41:e7:2c:64:9d:5e:88:5c:6b:0e:cd:f9:a8:26:d8:c3:
48:cf:6b:96:32:9c:fa:b1:fc:e1:c1:2c:56:4d:3e:05:63:19:
c2:00:48:26:36:59:56:04:c1:f6:d5:45:fe:3e:5c:17:0f:bc:
34:32:de:11:7c:58:01:ea:94:58:d4:60:c7:4d:be:c7:b1:a9:
f6:c1:2f:74:1d:c1:d7:bf:1c:8b:8d:ac:81:9b:48:e2:3c:d1:
2b:51:06:bf:4f:55:27:71:7d:44:2b:35:06:ef:7e:34:6c:b0:
55:9b:68:00:05:c1:ac:ac:a5:dc:14:98:41:72:b7:a2:cc:cc:
af:f3:72:d9:28:ed:18:a5:fd:75:d9:e7:68:7f:2e:55:82:57:
67:a4:b6:47:2d:17:ed:53:0e:e5:fd:97:31:d2:da:ca:4a:94:
54:24:a4:bf:a3:32:ff:1a:92:3d:73:0a:79:ba:fb:7d:c2:e3:
28:b2:54:bc:9e:7c:d5:05:1d:85:aa:32:a0:3a:97:63:67:a1:
2c:52:09:e1:48:74:f8:15:6a:91:08:49:06:88:d7:ba:b3:8d:
a3:b3:92:06:ef:c8:e0:77:a3:53:85:b5:ea:a2:5c:80:0b:c5:
1c:b0:e6:23
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGS0Xt7YkCoEJv9nDhtmfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3Y2YyNzE0ZjI5ZGI4MDM1MmU5ZjMwOWVhMmU4YzUyOGM5
NDZiZDkwHhcNMjQwMTAxMTgzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWU1ZTE2OGI2M2E5N2ViMDNjYWJmZDdiNjAxZWNiNDI4N2JmZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOBN59Dg3DFoXuIw6IsYT70GwSZ9
dGlV2+Vf7JmoWarE0TZIZTHcxk0WIsCwnesXqZoln1C7/DSnEmLC/ptOphs1xIQg
afQB0LTL6xbk6EVU93ejqMu0tZVxMHKi48OaIid9hKEri5l1ecVtLLzj1He7MK4I
fxz9KaP+uR7uGpdyac5BMw8ax0rtZAbE6P5AIGu95xJ/MRMWYTVePII/ADirLPa6
a7xa6VW8Lo/M434gHYSN3YhileBb4q7eypQ61IAcxXAJI0nmXn4vu3hWDI9ZFh+r
A0aHoTr0nJPItVKFRuGPNfVRrIupP7Yk9NmR0BuumeDdCUKzV/nw0MtWBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMXl4Wi2OpfrA8q/17YB7LQoe/4zMB8GA1UdIwQY
MBaAFEfPJxTynbgDUunzCeoujFKMlGvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjg4bkZQS2R1QU5TNmZNSjZpNk1Vb3lVYTlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yYjE5MmYtNmNlZS00N2ZhLTgzOTUt
NThhZGY3OGQ4Mjc4LzEveGVYaGFMWTZsLXNEeXJfWHRnSHN0Q2g3X2pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yYjE5MmYtNmNlZS00N2ZhLTgzOTUtNThhZGY3OGQ4Mjc4
LzEvUjg4bkZQS2R1QU5TNmZNSjZpNk1Vb3lVYTlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwqm+AwQA
wqnBAwQAwqnEAwQAwqnVMA0GCSqGSIb3DQEBCwUAA4IBAQAmgYHgKhBTpCWIPVeb
7jdHFHugYEHnLGSdXohcaw7N+agm2MNIz2uWMpz6sfzhwSxWTT4FYxnCAEgmNllW
BMH21UX+PlwXD7w0Mt4RfFgB6pRY1GDHTb7Hsan2wS90HcHXvxyLjayBm0jiPNEr
UQa/T1UncX1EKzUG7340bLBVm2gABcGsrKXcFJhBcreizMyv83LZKO0Ypf112edo
fy5VgldnpLZHLRftUw7l/Zcx0trKSpRUJKS/ozL/GpI9cwp5uvt9wuMoslS8nnzV
BR2FqjKgOpdjZ6EsUgnhSHT4FWqRCEkGiNe6s42js5IG78jgd6NThbXqolyAC8Uc
sOYj
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:05:46 2024 by rpki-client on console-fra.rpki-client.org